Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

WEBINAR:On-Demand

Hacktivists' threat to wreak digital havoc on U.S. government sites and financial institutions fell well short of the mark on May 7, the first day of the so-called "OpUSA" attack.

On April 21, hacktivists calling themselves the N4m3le55 cr3w and affiliating themselves with the Anonymous movement promised in a Pastebin post to attack nine government sites—including those of the White House, Pentagon and the National Security Agency along with more than 120 banking sites on May 7.

Yet, the group appeared to hit only a handful of sites, and none from its list of targets, according to network-security firm Radware, which tracked the attack. A separate Pastebin post bragged of hundreds of defaced sites, most located in other countries and likely the victims of a single vulnerability that facilitated a mass defacement.

"The attack had a fairly robust target list, but fell short of expectations," Ronen Kenig, director of security solutions at Radware, said in an email interview with eWEEK. "It seems that only smaller scaled sites took the brunt of the attack."

Further reading

The U.S. government took the threat seriously. On May 6, the U.S. Department of Homeland Security warned businesses of the attack threat and circulated a list of tools publicized by the hacktivists, intended to be used in the attacks.

"Individual hacker groups seem to be conducting attacks independently, each claiming responsibility for individual defacements and data breaches that have supposedly recently taken place," the advisory warned.

Some security experts worried that the size and scope of the attacks could rival the distributed denial-of-service attacks that have disrupted financial sites on and off for nine months.

The reasons for the attack are unclear, but the hackers railed against the U.S. government in a venomous rant posted to Pastebin.

"America you have committed multiple war crimes in Iraq, Afghanistan, Pakistan, and recently you have committed war crimes in your own country," the group stated in the post. "You have killed hundreds of innocent children and families with drones, guns, and now bombs. America you have hit thousands of people where it hurts them, now it is our time for our Lulz."

Security experts had a variety of opinions about why the attack did not take off on the first day.

Possible reasons range "from it being too loosely organized to be truly effective to it was just a group claiming Anonymous affiliation trolling everyone to see what the reaction would be," Vann Abernethy, product manager for distributed denial-of-service firm NSFOCUS, said in an e-mail interview with eWEEK.

Others theorized that the group just did not get enough participation or commitment from other hackers and activists to make much difference.

"The small impact could have been attributed to a similar problem during OpIsrael—little manpower for a herculean task," Radware's Kenig said. "More than likely, they weren't able to recruit enough 'boots on the ground' or have a large enough botnet to execute a large-scale cyber-attack."

Advertiser Disclosure:
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.